How to configure Rules to allow 802.1x and Device Access

chowhcowtan · ‎08-22-2011

Hi,

I am new to ACS 5.1. Need a bit of help out there.

I need to configure the ACS to act as the 802.1x authentication Server, as well as, act as the Radius Server for the authentication and authorization process when I access the switch.

I had created Two rules (under the Access policy) to cater for the two scenario, it will always "stuck" at the 1st rule. For e.g. Rule-1 is meant for the 802.1x, Rule 2 is meant for the AAA process. When I tested with 802.1x, it worked perfectly. But when I tested to login to the switch, it always failed. Based on the log, Rule1 is not able to fulfill my requirement (of course it can't). I thought the rules check process will proceed with Rule-2, but apparently it did not.

Not too sure where did i missed out on the ACS configuration.

thanks

Nicolas Darchis · ‎08-24-2011

Can you please post a screenshot of the conditions you wrote for your service selection ?

Thanks.

michael mearlon · ‎02-27-2013

Try changing your AAA device authen to TACACS+ and use RADIUS for 802.1x needs.

Sent from Cisco Technical Support iPad App